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Remarks 

Claims 1-17 are pending. 

Information Disclosure Statement 

1 . Tlie information disclosure statements filed 6/30/2005 and 8/30/2005 fail to 
comply with 37 CFR 1 .98(a)(2), which requires a legible copy of each cited foreign 
patent document; each non-patent literature publication or that portion which caused it 
to be listed; and all other information or that portion which caused it to be listed. They 
have been placed in the application file, but the information referred to therein has not 
been considered. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

2. Claims 16 and 17 are rejected under 35 U.S.C. 101 because they are directed to 
non-statutory subject matter. Claims 16 and 17 are each directed to a "program" which 
is purely software and, therefore, fails to fall within a statutory category of invention. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or deschbed as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the phor art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1-17 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Vandergeest (U.S. Patent 6,247,127) in view of Naor (Naor et a!., "Certificate 
Revocation and Certificate Update", January 26, 1998, pp. 1-12). 
Regarding Claim 1 , 

Vandergeest discloses a communication apparatus for 
communicating with a server apparatus based on a server certificate that 
indicates validity of the server apparatus, comprising: 

A revocation data obtainment unit operable to obtain a revocation 
data from a repository apparatus storing the revocation data that is 
information serving as a criterion forjudging validity of the server 
certificate (Column 3, line 66 to Column 4, line 28; and Column 5, lines 25- 
49); 

A revocation data storage unit operable to store the obtained 
revocation data (Column 3, line 66 to Column 4, line 28; and Column 5, 
lines 25-49); 

An identification data reading unit operable to read out, from the 
server certificate, identification data used to identify the server certificate 
(Column 4, line 53 to Column 5, line 49); 

A certificate judging unit operable to judge the validity of the server 
certificate (Column 4, line 53 to Column 5, line 49); and 
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A communication control unit operable to establish a 
communication with the server apparatus when the server certificate is 
judged to be valid, and operable to not establish a communication with the 
server apparatus when the server certificate is judges to be invalid 
(Column 4, line 53 to Column 5, line 49); 

But does not explicitly disclose the use of revocation and 
identification numbers and comparing such numbers to determine validity 
of the certificate. 

Naor, however, discloses a revocation number obtainment unit 
operable to obtain a revocation number from a repository apparatus 
storing the revocation number that is information serving as a criterion for 
judging validity of the server certificate (Pages 1-2, sections 1-2.1); 

An identification number reading unit operable to read out, from the 
server certificate, an identification number used to identify the server 
certificate (Pages 1-2, sections 1-2.1); and 

A certificate judging unit operable to judge the validity of the server 
certificate by comparing the read-out identification number with the 
revocation number stored by the revocation number storage unit (Pages 
1 -2, sections 1 -2.1 ). It would have been obvious to one of ordinary skill in 
the art at the time of applicant's invention to incorporate the CRL 
management techniques of Naor into the certificate verification system of 
Vandergeest in order to prevent the certificate revocation lists from 
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becoming too large and thus becoming difficult to manage, to provide a 
simple method of checking validity of certificates, and/or to reduce 
communication costs related to sending large amounts of data related to 
certificates and their revocation status. 

Regarding Claim 14, 

Claim 14 is a method claim that corresponds to apparatus claim 1 
and is rejected for the same reasons. 

Regarding Claim 16, 

Claim 16 Is a program claim that corresponds to apparatus claim 1 
and Is rejected for the same reasons. 

Regarding Claim 2, 

Vandergeest as modified by Naor discloses the apparatus of claim 
1 , In addition, Naor discloses that the certificate judgment unit judges that 
the server certificate is valid, when the identification number Is equal to or 
larger than the revocation number (Pages 1-2, sections 1-2.1). 

Regarding Claim 3, 

Vandergeest as modified by Naor discloses the apparatus of claim 
1 , In addition, Vandergeest discloses a revocation data judgment unit 
operable to judge validity of the revocation data, wherein the certificate 
judgment unit judges the validity of the server certificate by use of the 
revocation data when the revocation data judgment unit judges that the 
revocation data is valid (Column 4, line 36 to Column 5, line 49); and Naor 
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discloses a revocation number judgment unit operable to judge validity of 
the revocation number, wherein the certificate judgment unit judges the 
validity of the server certificate by use of the revocation number, when the 
revocation number judgment unit judges that the revocation number is 
valid (Pages 1-2, sections 1-2.1). 
Regarding Claim 4, 

Vandergeest as modified by Naor discloses the apparatus of claim 

3, in addition, Vandergeest discloses that the revocation data judgment 
unit judges the validity of the revocation data by comparing identification 
data of a repository certificate indicating validity of the repository 
apparatus with the revocation data stored by the revocation data storage 
unit (Column 4, line 36 to Column 5, line 49); and Naor discloses that the 
revocation number judgment unit judges the validity of the revocation 
number by comparing an identification number of a repository certificate 
indicating validity of the repository apparatus with the revocation number 
stored by the revocation number storage unit (Pages 1-2, sections 1-2.1). 

Regarding Claim 5, 

Vandergeest as modified by Naor discloses the apparatus of claim 

4, in addition, Naor discloses that the revocation number judgment unit 
judges that the repository apparatus is valid when the identification 
number of the repository certificate is equal to or larger than the 
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revocation number stored by tlie revocation number storage unit (Pages 
1-2, sections 1-2.1). 
Regarding Claim 6, 

Vandergeest as modified by Naor discloses the apparatus of claim 
3, In addition, Naor discloses that the revocation number judgment unit 
judges the validity of the revocation number obtained by the revocation 
number obtainment unit by comparing the revocation number obtained by 
the revocation number obtainment unit with the revocation number stored 
by the revocation number storage unit (Pages 1-2, sections 1-2.1). 
Regarding Claim 7, 

Vandergeest as modified by Naor discloses the apparatus of claim 
6, in addition, Naor discloses that the revocation number judgment unit 
judges that the revocation number obtained by the revocation number 
obtainment unit is valid, when the obtained revocation number is equal to 
or larger than the revocation number stored by the revocation number 
storage unit (Pages 1-2, sections 1-2.1). 
Regarding Claim 8, 

Vandergeest discloses a certificate issuing apparatus for issuing a 
server certificate indicating validity of a server apparatus, comprising: 

A revocation data storage unit operable to store revocation data 
that is information serving as a criterion forjudging validity of the server 
certificate (Column 3, lines 25-65); and 
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An issuing unit operable to issue a new server certificate (Column 
3, lines 25-65); 

Wherein the issuing unit issues the new server certificate that 
includes identification data indicating that the certificate is currently valid 
(Column 3, lines 25-65); 

But does not explicitly disclose the use of revocation and 
identification numbers and use of such numbers in determining the validity 
of certificates. 

Naor, however, discloses a revocation number storage unit 
operable to store a revocation number that is information serving as a 
criterion forjudging validity of the server certificate (Pages 1-2, sections 1- 
2.1); and 

An issuing unit operable to issue a new server certificate (Pages 1- 
2, sections 1-2.1); 

Wherein the issuing unit issues the new server certificate that 
includes an identification number indicating a value which is equal to or 
larger than the revocation number stored by the revocation number 
storage unit (Pages 1-2, sections 1-2.1). It would have been obvious to 
one of ordinary skill in the art at the time of applicant's invention to 
incorporate the CRL management techniques of Naor into the certificate 
verification system of Vandergeest in order to prevent the certificate 
revocation lists from becoming too large and thus becoming difficult to 
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manage, to provide a simple metliod of cliecl<ing validity of certificates, 
and/or to reduce communication costs related to sending large amounts of 
data related to certificates and their revocation status. 
Regarding Claim 15, 

Claim 15 Is a method claim that corresponds to apparatus claim 8 
and Is rejected for the same reasons. 
Regarding Claim 17, 

Claim 17 is a program claim that corresponds to apparatus claim 8 
and is rejected for the same reasons. 
Regarding Claim 9, 

Vandergeest as modified by Naor discloses the apparatus of claim 

8, in addition, Naor discloses a revocation number update unit operable to 
update the revocation number stored by the revocation number storage 
unit to a number larger than an identification number of a server certificate 
to be revoked, when notified of the identification number of the server 
certificate to be revoked (Pages 1-2, sections 1-2.1). 

Regarding Claim 10, 

Vandergeest as modified by Naor discloses the apparatus of claim 

9, In addition, Naor discloses that the issuing unit issues the new server 
certificate for a server apparatus with a server certificate that is assigned 
an identification number smaller than the updated revocation number, in 
the case where the revocation number update unit updates the revocation 
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number stored by the revocation number storage unit (Pages 1-2, sections 
1-2.1). 

Regarding Claim 11, 

Vandergeest as modified by Naor discloses the apparatus of claim 
8, In addition, Naor discloses a revocation number update unit operable to 
specify an identification number of a server certificate, an expiration date 
of which is approaching, and update the revocation number stored in the 
revocation storage unit to a number larger than the identification number 
(Pages 1-2, sections 1-2.1). 

Regarding Claim 12, 

Vandergeest as modified by Naor discloses the apparatus of claim 
1 1 , in addition, Naor discloses that the issuing unit issues the new server 
certificate for a server apparatus with a server certificate that Is assigned 
an Identification number smaller than the updated revocation number, In 
the case where the revocation number update unit updates the revocation 
number stored by the revocation number storage unit (Pages 1-2, sections 
1-2.1). 

Regarding Claim 13, 

Claim 13 is an independent claim comprising the certificate Issuing 
apparatus of claim 8 and the communication apparatus of claim 1 , and is 
therefore rejected for the same reasons as the combination of claims 1 
and 8. 
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Conclusion 

Any inquiry concerning tliis communication or earlier communications from tine 
examiner sliould be directed to JEFFREY D. POPHAM wliose teleplione number is 
(571)272-7215. The examiner can normally be reached on M-F 9:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571 )272-3865. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status Information for unpublished applications Is available through Private PAIR only. 
For more Information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Jeffrey D Popham 

Examiner 

Art Unit 2137 

/Jeffrey D Popham/ 
Examiner, Art Unit 2137 
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Supervisory Patent Examiner, Art Unit 2137 



